Commit c6d39a14d6b15f457bfc050f54e256cd5da64cc9
1 parent
cf890b22
Exists in
spb-stable
and in
3 other branches
Add User#requires_ldap_check? method
Signed-off-by: Dmitriy Zaporozhets <dmitriy.zaporozhets@gmail.com>
Showing
2 changed files
with
13 additions
and
3 deletions
Show diff stats
app/controllers/application_controller.rb
| @@ -181,7 +181,7 @@ class ApplicationController < ActionController::Base | @@ -181,7 +181,7 @@ class ApplicationController < ActionController::Base | ||
| 181 | end | 181 | end |
| 182 | 182 | ||
| 183 | def ldap_security_check | 183 | def ldap_security_check |
| 184 | - if current_user && current_user.ldap_user? && current_user.requires_ldap_check? | 184 | + if current_user && current_user.requires_ldap_check? |
| 185 | if gitlab_ldap_access.allowed?(current_user) | 185 | if gitlab_ldap_access.allowed?(current_user) |
| 186 | current_user.last_credential_check_at = Time.now | 186 | current_user.last_credential_check_at = Time.now |
| 187 | current_user.save | 187 | current_user.save |
app/models/user.rb
| @@ -185,7 +185,7 @@ class User < ActiveRecord::Base | @@ -185,7 +185,7 @@ class User < ActiveRecord::Base | ||
| 185 | where(conditions).first | 185 | where(conditions).first |
| 186 | end | 186 | end |
| 187 | end | 187 | end |
| 188 | - | 188 | + |
| 189 | def find_for_commit(email, name) | 189 | def find_for_commit(email, name) |
| 190 | # Prefer email match over name match | 190 | # Prefer email match over name match |
| 191 | User.where(email: email).first || | 191 | User.where(email: email).first || |
| @@ -275,7 +275,9 @@ class User < ActiveRecord::Base | @@ -275,7 +275,9 @@ class User < ActiveRecord::Base | ||
| 275 | # Projects user has access to | 275 | # Projects user has access to |
| 276 | def authorized_projects | 276 | def authorized_projects |
| 277 | @authorized_projects ||= begin | 277 | @authorized_projects ||= begin |
| 278 | - project_ids = (personal_projects.pluck(:id) + groups_projects.pluck(:id) + projects.pluck(:id)).uniq | 278 | + project_ids = personal_projects.pluck(:id) |
| 279 | + project_ids += groups_projects.pluck(:id) | ||
| 280 | + project_ids += projects.pluck(:id).uniq | ||
| 279 | Project.where(id: project_ids).joins(:namespace).order('namespaces.name ASC') | 281 | Project.where(id: project_ids).joins(:namespace).order('namespaces.name ASC') |
| 280 | end | 282 | end |
| 281 | end | 283 | end |
| @@ -406,6 +408,14 @@ class User < ActiveRecord::Base | @@ -406,6 +408,14 @@ class User < ActiveRecord::Base | ||
| 406 | end | 408 | end |
| 407 | end | 409 | end |
| 408 | 410 | ||
| 411 | + def requires_ldap_check? | ||
| 412 | + if ldap_user? | ||
| 413 | + !last_credential_check_at || (last_credential_check_at + 1.hour) < Time.now | ||
| 414 | + else | ||
| 415 | + false | ||
| 416 | + end | ||
| 417 | + end | ||
| 418 | + | ||
| 409 | def solo_owned_groups | 419 | def solo_owned_groups |
| 410 | @solo_owned_groups ||= owned_groups.select do |group| | 420 | @solo_owned_groups ||= owned_groups.select do |group| |
| 411 | group.owners == [self] | 421 | group.owners == [self] |